Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/3C836F96DD5C11EFB1D93769762E951A.roa
File: 3C836F96DD5C11EFB1D93769762E951A.roa (raw, json)
Hash identifier: iSI1Fg5i7pMaZuu3tpqcqvjjxXpFCYkWT8ucZIu0CLs=
Subject key identifier: AE:5D:99:D6:02:C9:DD:49:B4:1C:B9:45:FD:BD:47:E0:B8:27:DC:00
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 12
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/3C836F96DD5C11EFB1D93769762E951A.roa
Signing time: Tue 28 Jan 2025 09:42:49 +0000
ROA not before: Tue 28 Jan 2025 09:42:46 +0000
ROA not after: Wed 31 Jan 2035 09:42:46 +0000
asID: 30992
IP address blocks: 129.0.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 09:42:46 2025 GMT
Not After : Jan 31 09:42:46 2035 GMT
Subject: CN=6798a699-519a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:53:1c:1c:df:a7:c3:82:5b:48:45:78:7b:bd:
72:c8:5e:95:39:6c:9f:53:ec:35:aa:22:ea:14:f4:
0b:b8:d5:ac:3c:c9:1c:10:2a:35:59:46:52:d9:ad:
6b:44:c4:d4:cc:9b:35:55:e4:d5:5b:7a:88:3f:95:
30:e8:35:be:78:a7:f1:8f:f9:b6:11:fd:17:00:1b:
92:cf:f3:4a:0e:1e:3d:6a:18:6a:15:ed:17:0b:8f:
bf:7c:60:13:46:7d:69:db:b4:04:32:28:31:28:23:
f3:6a:0f:a6:bb:93:52:f5:01:e6:f6:74:0a:91:b3:
3e:d6:9d:c6:76:18:29:c0:b0:bb:fd:42:eb:22:5e:
99:34:71:36:8d:ea:55:4a:52:47:d7:47:da:e5:00:
87:76:46:89:c0:85:1b:20:ec:d6:19:0f:a1:49:c8:
0f:5a:de:0f:7a:fd:48:5c:50:cb:e6:94:00:48:d7:
ab:72:bd:9a:2b:15:d7:a5:05:e1:76:e2:12:3a:48:
d9:07:0b:39:54:42:5c:25:38:17:3b:3b:0d:e0:56:
30:5d:7a:69:b4:c1:36:ed:8f:df:3c:e1:05:7c:9e:
10:02:e3:40:46:95:b4:be:3e:52:65:2c:f3:0d:82:
62:57:1c:68:05:15:7b:5a:a5:ca:fc:d8:f7:7c:bd:
eb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5D:99:D6:02:C9:DD:49:B4:1C:B9:45:FD:BD:47:E0:B8:27:DC:00
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/3C836F96DD5C11EFB1D93769762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.104.0/24
Signature Algorithm: sha256WithRSAEncryption
97:b1:34:0e:e4:80:a3:56:09:ae:41:58:ba:76:3f:bc:57:79:
ba:a3:c0:44:dc:2d:09:aa:3d:48:d0:6c:ac:be:53:aa:dc:bc:
cf:cd:33:99:66:29:ea:27:0e:8d:f1:47:50:68:2d:f2:16:83:
5c:09:f7:f0:2a:1f:10:d7:d5:d7:34:82:e8:92:62:d6:b8:ad:
2c:61:c4:36:03:dc:17:0a:79:78:e5:07:a3:27:06:be:dd:de:
49:fb:ca:04:62:82:93:5c:cf:b2:2e:cf:dd:80:60:cd:9a:88:
aa:80:7e:1c:7c:6e:db:d3:9b:21:c5:06:6a:43:6d:d8:f5:9c:
67:3c:48:74:7e:dd:43:71:af:f3:62:7c:83:51:62:ce:d4:2b:
00:82:d7:cc:5c:fe:8f:1f:54:1f:c9:1a:60:a2:67:be:18:ca:
ac:d8:49:2b:6e:2f:12:c1:9c:24:cc:81:96:9d:df:06:7e:5f:
73:dd:c0:42:2b:05:57:93:d0:17:8f:c4:1e:3b:93:d3:e1:58:
8c:1f:fd:4c:68:8d:ee:7c:5a:62:c6:88:d8:b5:cc:be:dd:1b:
1f:7e:ab:c6:a9:7e:a5:ec:95:c1:22:f3:b1:99:b4:10:de:a0:
1e:d1:65:3d:6e:62:4e:25:0b:81:f6:99:c8:31:37:88:24:9c:
49:a5:89:ee
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODA5NDI0NloXDTM1MDEzMTA5NDI0NlowGDEWMBQG
A1UEAxMNNjc5OGE2OTktNTE5YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVTHBzfp8OCW0hFeHu9cshelTlsn1PsNaoi6hT0C7jVrDzJHBAqNVlGUtmt
a0TE1MybNVXk1Vt6iD+VMOg1vnin8Y/5thH9FwAbks/zSg4ePWoYahXtFwuPv3xg
E0Z9adu0BDIoMSgj82oPpruTUvUB5vZ0CpGzPtadxnYYKcCwu/1C6yJemTRxNo3q
VUpSR9dH2uUAh3ZGicCFGyDs1hkPoUnID1reD3r9SFxQy+aUAEjXq3K9misV16UF
4XbiEjpI2QcLOVRCXCU4Fzs7DeBWMF16abTBNu2P3zzhBXyeEALjQEaVtL4+UmUs
8w2CYlccaAUVe1qlyvzY93y96ysCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSuXZnW
AsndSbQcuUX9vUfguCfcADAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvM0M4MzZGOTZERDVDMTFFRkIxRDkzNzY5NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAaDANBgkqhkiG9w0BAQsFAAOC
AQEAl7E0DuSAo1YJrkFYunY/vFd5uqPARNwtCao9SNBsrL5Tqty8z80zmWYp6icO
jfFHUGgt8haDXAn38CofENfV1zSC6JJi1ritLGHENgPcFwp5eOUHoycGvt3eSfvK
BGKCk1zPsi7P3YBgzZqIqoB+HHxu29ObIcUGakNt2PWcZzxIdH7dQ3Gv82J8g1Fi
ztQrAILXzFz+jx9UH8kaYKJnvhjKrNhJK24vEsGcJMyBlp3fBn5fc93AQisFV5PQ
F4/EHjuT0+FYjB/9TGiN7nxaYsaI2LXMvt0bH36rxql+peyVwSLzsZm0EN6gHtFl
PW5iTiULgfaZyDE3iCScSaWJ7g==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:12:16 2025 by rpki-client